Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/aHMUiRSSJQsoDs2s9GWgceZtq80.roa
File: aHMUiRSSJQsoDs2s9GWgceZtq80.roa (raw, json)
Hash identifier: /5NWsn+184DbfK6oD6pDN3b1wnBV+pAC2kWMfzRxE+w=
Subject key identifier: 68:73:14:89:14:92:25:0B:28:0E:CD:AC:F4:65:A0:71:E6:6D:AB:CD
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D6D9B62BBED6728766AA2F6F2D155BD67
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/aHMUiRSSJQsoDs2s9GWgceZtq80.roa
Signing time: Sat 03 Feb 2024 06:15:16 +0000
ROA not before: Sat 03 Feb 2024 06:15:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6d:9b:62:bb:ed:67:28:76:6a:a2:f6:f2:d1:55:bd:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 3 06:15:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=687314891492250b280ecdacf465a071e66dabcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ad:07:09:74:71:73:18:c4:ef:e7:ea:de:32:
b9:fd:ff:16:a0:df:ad:33:82:54:06:e2:ce:94:e9:
b2:39:99:ad:af:42:85:1e:de:a9:0f:fe:51:a0:c7:
4d:8b:a2:52:f0:29:35:3c:b7:45:67:32:3a:c4:7a:
ee:70:f0:ca:25:bf:f2:1b:24:f6:53:23:3e:61:8d:
54:fd:46:57:78:19:f4:cc:dd:87:df:e9:bd:e4:45:
41:c2:e2:b5:ba:7b:34:27:47:be:30:e0:7a:a8:5b:
e5:67:0f:88:31:92:ca:fc:a8:d0:74:60:50:76:d4:
fe:49:9f:4c:ba:93:24:3c:84:e6:b5:6c:3d:b6:f9:
16:d2:d1:e4:f8:bb:74:f2:ae:c7:85:29:8d:27:da:
c8:6f:c9:24:4b:d0:d6:4c:f2:97:b7:db:ec:68:b3:
15:c9:fa:bd:ee:7f:ef:e3:f7:b4:b3:6a:27:9e:7d:
fb:c5:9e:a0:4d:01:fc:28:b2:b0:02:01:01:42:51:
7e:73:2b:b5:37:fe:31:81:73:18:2f:3a:5b:24:6f:
6b:11:90:a6:f1:bc:89:fe:79:98:ce:70:ad:fe:80:
31:5b:03:10:bb:f6:d0:f3:55:8f:15:af:5c:82:aa:
29:12:05:37:ba:3e:48:24:c5:93:d5:37:07:5d:2d:
63:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:73:14:89:14:92:25:0B:28:0E:CD:AC:F4:65:A0:71:E6:6D:AB:CD
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/aHMUiRSSJQsoDs2s9GWgceZtq80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2b:03:2f:28:3c:86:c7:ad:c7:f6:17:f7:c6:bf:b1:aa:c8:0f:
f8:60:f3:d4:31:13:89:17:28:3e:83:98:d5:04:dc:dc:55:1a:
d2:f7:3d:9e:09:68:e8:28:28:a7:a0:b4:a0:af:b5:a1:0e:08:
97:a9:0c:fd:9e:85:c5:41:22:94:4f:31:8b:d6:89:da:73:cc:
e7:03:b4:64:9a:df:4c:31:af:27:88:19:9f:3b:65:54:39:f9:
0f:2d:df:80:c6:1d:f8:e9:79:b7:7c:72:90:09:bf:e9:bf:aa:
d8:83:c8:a0:77:91:67:ee:d1:9a:82:67:ca:2a:f2:5a:da:57:
29:eb:32:c6:98:b5:59:39:e5:0d:6d:6c:28:04:7f:cb:dd:79:
b7:1f:6d:db:4a:1b:e9:da:4c:5c:e6:b3:fc:48:ea:df:47:bc:
e1:d6:15:1e:b4:cb:17:a8:07:c4:f8:ad:86:07:62:5a:74:98:
6d:05:6b:dd:2b:48:48:b9:82:35:c8:25:36:87:06:3b:bd:35:
b5:6a:4d:64:5e:f5:f9:5e:39:13:17:b7:2d:bc:5a:8c:04:34:
d2:32:1c:c3:aa:4d:1d:00:9f:53:27:9e:16:c3:24:28:06:c6:
c0:c7:23:31:67:6a:23:d6:78:fb:b5:ec:2b:0a:6c:41:47:1d:
16:5a:8e:a7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1tm2K77Wcodmqi9vLRVb1nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjAzMDYxNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODczMTQ4OTE0OTIyNTBiMjgwZWNkYWNmNDY1YTA3MWU2NmRhYmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApK0HCXRxcxjE7+fq3jK5/f8WoN+t
M4JUBuLOlOmyOZmtr0KFHt6pD/5RoMdNi6JS8Ck1PLdFZzI6xHrucPDKJb/yGyT2
UyM+YY1U/UZXeBn0zN2H3+m95EVBwuK1uns0J0e+MOB6qFvlZw+IMZLK/KjQdGBQ
dtT+SZ9MupMkPITmtWw9tvkW0tHk+Lt08q7HhSmNJ9rIb8kkS9DWTPKXt9vsaLMV
yfq97n/v4/e0s2onnn37xZ6gTQH8KLKwAgEBQlF+cyu1N/4xgXMYLzpbJG9rEZCm
8byJ/nmYznCt/oAxWwMQu/bQ81WPFa9cgqopEgU3uj5IJMWT1TcHXS1jQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGhzFIkUkiULKA7NrPRloHHmbavNMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYUhNVWlSU1NKUXNvRHMyczlHV2djZVp0cTgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACsDLyg8hsetx/YX98a/
sarID/hg89QxE4kXKD6DmNUE3NxVGtL3PZ4JaOgoKKegtKCvtaEOCJepDP2ehcVB
IpRPMYvWidpzzOcDtGSa30wxryeIGZ87ZVQ5+Q8t34DGHfjpebd8cpAJv+m/qtiD
yKB3kWfu0ZqCZ8oq8lraVynrMsaYtVk55Q1tbCgEf8vdebcfbdtKG+naTFzms/xI
6t9HvOHWFR60yxeoB8T4rYYHYlp0mG0Fa90rSEi5gjXIJTaHBju9NbVqTWRe9fle
ORMXty28WowENNIyHMOqTR0An1MnnhbDJCgGxsDHIzFnaiPWePu17CsKbEFHHRZa
jqc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:41 2025 by rpki-client